-
Notifications
You must be signed in to change notification settings - Fork 422
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for querying the negotiated TLS version. The Quickening #244
Changes from 13 commits
5d85fca
ba65e66
b296792
06bbba1
380507e
2637c3b
3cd0e67
85a4dff
5230dad
f00513f
abff188
d382d6d
d1c896e
a923e93
208438c
58d2573
b5b6b0e
46f2891
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,11 @@ | ||
2015-05-27 Jim Shaver <dcypherd@gmail.com> | ||
|
||
* OpenSSL/SSL.py, : Add ``get_protocol_version()`` and | ||
``get_protocol_version_name()`` to Connection | ||
Based on work from Rich Moore | ||
* OpenSSL/test/test_crypto.py: tests for ``get_protocol_version()`` | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. just add OpenSSL/test/test_crypto.py to the list above. it’s implicit that we add tests for new code. :) There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. |
||
and ``get_protocol_version_name()`` | ||
|
||
2015-05-02 Jim Shaver <dcypherd@gmail.com> | ||
|
||
* .travis.yml, setup.py, tox.ini: Removed support for Python 3.2. | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -1883,6 +1883,18 @@ def get_cipher_version(self): | |
return version.decode("utf-8") | ||
|
||
|
||
def get_protocol_version_name(self): | ||
""" | ||
Obtain the protocol version of the current connection. | ||
|
||
:returns: The TLS version of the current connection, for example | ||
the value for TLS 1.2 would be ``b'TLSv1.2'``. | ||
:rtype: :py:class:`unicode` | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I believe that’s not true anymore? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 208438c now bytes |
||
""" | ||
version = _ffi.string(_lib.SSL_get_version(self._ssl)) | ||
return version | ||
|
||
|
||
@_requires_npn | ||
def get_next_proto_negotiated(self): | ||
""" | ||
|
@@ -1938,6 +1950,17 @@ def get_alpn_proto_negotiated(self): | |
return _ffi.buffer(data[0], data_len[0])[:] | ||
|
||
|
||
def get_protocol_version(self): | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. please group those two methods together There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. moved in 208438c |
||
""" | ||
Obtain the protocol version of the current connection. | ||
|
||
:returns: The TLS version of the current connection, for example | ||
the value for TLS 1.2 would be 0x303. | ||
:rtype: :py:class:`int` | ||
""" | ||
version = _lib.SSL_version(self._ssl) | ||
return version | ||
|
||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. this needs three empty lines There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. there are three lines at the bottom, it has been moved 208438c |
||
|
||
ConnectionType = Connection | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -598,6 +598,22 @@ Connection objects have the following methods: | |
but not it returns the entire list in one go. | ||
|
||
|
||
.. py:method:: Connection.get_protocol_version() | ||
|
||
Retrieve the version of the SSL or TLS protocol used by the Connection. | ||
For example, it will return ``0x303`` for connections made over TLS | ||
version 1.2, or ``Unknown`` for connections that were not successfully | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. that seems unlikely :) There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. removed unknown in 208438c |
||
established. | ||
|
||
|
||
.. py:method:: Connection.get_protocol_version_name() | ||
|
||
Retrieve the version of the SSL or TLS protocol used by the Connection. | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. “…as an unicode string.” would be nice to differentiate it from the other method, no? |
||
For example, it will return ``TLSv1`` in bytes for connections made over | ||
TLS version 1, or ``Unknown`` for connections that were not successfully | ||
established. | ||
|
||
|
||
.. py:method:: Connection.get_client_ca_list() | ||
|
||
Retrieve the list of preferred client certificate issuers sent by the server | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I’d like Connection to be in `` too. Also please add some periods after sentences. :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
208438c